Fake Job Offers From Meta And Spotify Used To Hack Facebook Accounts In New Scam

The surge in unemployment since the pandemic has created a fertile hunting ground for cybercriminals, who are now weaponizing the job‑search process itself. By borrowing the branding of household names, the new phishing campaign exploits the trust job seekers place in legitimate recruitment outreach. The initial email often looks authentic, leveraging professional language and even legitimate email‑delivery services to slip past corporate spam filters, which makes the deception harder to spot for both candidates and security teams.

Technically, the operation is multi‑layered. After the email, victims are funneled to obscure "HUB" domains that only become active when accessed through a specific referral link, a tactic designed to evade traditional detection tools. These hubs host replica career portals—domains like plus.jobfusion‑mt.com or connect.spotifycareerapply.com—where applicants can browse fabricated listings. The climax of the scam is a prompt to log in via Facebook, which, if entered, hands over the attacker complete control of the user’s social profile and any linked services, effectively turning a single compromised account into a launchpad for broader fraud.

The ramifications extend beyond individual account loss. Once a social account is compromised, attackers can impersonate the victim to solicit money from friends and family, spread malicious links, or harvest personal data for identity theft. This underscores the importance of basic hygiene: verifying URLs, avoiding third‑party login prompts, and enabling multi‑factor authentication. As remote hiring becomes the norm, organizations must educate employees and reinforce security protocols to mitigate this evolving threat vector.